cricket at menandmice.com
Mon Oct 8 23:54:27 UTC 2001
> > I've never heard anything like that. That would be completely non-
> > RFC compliant behavior, to say nothing of the fact that it wouldn't
> > generally work.
> Actually, it *does* generally work when the "preferred nameserver"s are
> MSDNS and the zone in question is "AD-integrated", because then all of
> are "multi-master"s capable of accepting updates to the zone.
By "generally," I meant "in the general case," not "usually." It certainly
work in the general case.
> As for RFC-compliance, the RFC leaves a pretty big loophole when it says
> a client can try the nameservers in order of "reachability" instead of
> unfailingly trying the SOA.MNAME nameserver first. It could be argued that
> the "preferred nameserver" can be assumed to be more "reachable" than
> nameservers, since after all the client relies on it for name resolution.
The RFC says a client can try *the authoritative name servers for the zone
updating* in order of reachability, not just any old name server. I have no
qualms with an implementation that looks up the zone's NS RRs and then
looks to see whether one of those is the resolver's default name server to
Men & Mice
DNS Software & Services
More information about the bind-users